Mercurial > hg > nginx-site
comparison xml/en/docs/mail/ngx_mail_ssl_module.xml @ 1726:a0bc284941f6
Documented multiple certificates support.
author | Maxim Dounin <mdounin@mdounin.ru> |
---|---|
date | Tue, 07 Jun 2016 19:00:50 +0300 |
parents | 38fb3e6b71e8 |
children | 3fa0944ddc6a |
comparison
equal
deleted
inserted
replaced
1725:67b5aac350e4 | 1726:a0bc284941f6 |
---|---|
8 <!DOCTYPE module SYSTEM "../../../../dtd/module.dtd"> | 8 <!DOCTYPE module SYSTEM "../../../../dtd/module.dtd"> |
9 | 9 |
10 <module name="Module ngx_mail_ssl_module" | 10 <module name="Module ngx_mail_ssl_module" |
11 link="/en/docs/mail/ngx_mail_ssl_module.html" | 11 link="/en/docs/mail/ngx_mail_ssl_module.html" |
12 lang="en" | 12 lang="en" |
13 rev="10"> | 13 rev="11"> |
14 | 14 |
15 <section id="summary"> | 15 <section id="summary"> |
16 | 16 |
17 <para> | 17 <para> |
18 The <literal>ngx_mail_ssl_module</literal> module provides the necessary | 18 The <literal>ngx_mail_ssl_module</literal> module provides the necessary |
107 for the given server. | 107 for the given server. |
108 If intermediate certificates should be specified in addition to a primary | 108 If intermediate certificates should be specified in addition to a primary |
109 certificate, they should be specified in the same file in the following | 109 certificate, they should be specified in the same file in the following |
110 order: the primary certificate comes first, then the intermediate certificates. | 110 order: the primary certificate comes first, then the intermediate certificates. |
111 A secret key in the PEM format may be placed in the same file. | 111 A secret key in the PEM format may be placed in the same file. |
112 </para> | |
113 | |
114 <para> | |
115 Since version 1.11.0, | |
116 this directive can be specified multiple times | |
117 to load certificates of different types, for example, RSA and ECDSA: | |
118 <example> | |
119 server { | |
120 listen 993 ssl; | |
121 | |
122 ssl_certificate example.com.rsa.crt; | |
123 ssl_certificate_key example.com.rsa.key; | |
124 | |
125 ssl_certificate example.com.ecdsa.crt; | |
126 ssl_certificate_key example.com.ecdsa.key; | |
127 | |
128 ... | |
129 } | |
130 </example> | |
131 <note> | |
132 Only OpenSSL 1.0.2 or higher supports separate certificate chains | |
133 for different certificates. | |
134 With older versions, only one certificate chain can be used. | |
135 </note> | |
112 </para> | 136 </para> |
113 | 137 |
114 </directive> | 138 </directive> |
115 | 139 |
116 | 140 |